LK Artifact Registry

Distribute your artifacts to your end users without any additional administration or maintenance costs.

Artifact Registry is a 100% stateless enterprise ready artifact registry.

It uses any compatible oci-registry as backend, for both storage, authentication and authorization, making it easy to deploy and maintain.

It can host as many repositories as you want, all being backed by a single oci-repository (docker image).

For each repository type, it will create an OCI image tag that will reference all the packages and metadata required to serve the packages. The tag name will be the repository type, e.g. deb, rpm, apk, helm, ...

It has two main parts:

• lkard: the registry server which expose a small web-ui
• lkar: the command line client

Packages formats

The following package formats are supported:

• deb

• rpm

• apk

• helm

• ... more to come

Features

Deployment Modes

The registry can be configured in different modes:

• Multi Repository Mode (default):

  The multi-repositories mode uses one oci-image per repository. It is useful when you are you want to have a different repository for each of your projects.

• Single Repository Mode:

  The single-repository mode uses only one oci-image as storage backend. It is useful when you want to distribute all your packages from a single place.

  To configure this mode, you need to set the lkard --repo flag or the config.backend.repo helm value to the name of the repository you want to use.

It can also be configured to serve the repositories as sub-path or sub-domain.

• Sub-path Mode (default): The sub-path mode uses a different sub-path for each repository types. For example, the deb repository will be served from example.com/deb and the rpm repository from example.com/rpm.

• Sub-domain Mode:

  The sub-domain mode uses a different sub-domain for each repository types. For example, the deb repository will be served from deb.example.com and the rpm repository from rpm.example.com.

  To configure this mode, you need to set the lkard --domain flag or the config.domain helm value to the domain name you want to use and create the DNS entries pointing to the registry.

Registry Proxy support

The artifact-registry has built-in support for registry proxies.

⚠️ If you intend to use the registry with docker.io as backend, it is highly recommended to use a registry pull-through cache/proxy like docker.io/registry or harbor... otherwise you can be sure that the artifact-registry ip will be banned.

Command line:

The proxy is configuratble using the following flags:

```
--proxy string             proxy backend registry hostname (and port if not 443 or 80) [$ARTIFACT_REGISTRY_PROXY]
--proxy-client-ca string   proxy tls client certificate authority [$ARTIFACT_REGISTRY_PROXY_CLIENT_CA]
--proxy-insecure           disable proxy registry client tls verification [$ARTIFACT_REGISTRY_PROXY_INSECURE]
--proxy-no-https           disable proxy registry client https [$ARTIFACT_REGISTRY_PROXY_NO_HTTPS]
--proxy-password string    proxy registry password [$ARTIFACT_REGISTRY_PROXY_PASSWORD]
--proxy-user string        proxy registry user [$ARTIFACT_REGISTRY_PROXY_USER]
```

Helm:

The proxy is configuratble using the following helm values:

| Key                                        | Description                 |
|--------------------------------------------|-----------------------------|
| config.proxy.host                          | Proxy hostname              |
| config.proxy.insecure                      | Disable proxy TLS verify    |
| config.proxy.plainHTTP                     | Use HTTP for proxy          |
| config.proxy.clientCA                      | Proxy CA secret             |
| config.proxy.username                      | Proxy username              |
| config.proxy.password                      | Proxy password              |

For more information, see the lkard reference and the helm chart's README.

Getting started

Evaluating the registry

See the Getting Started guide for a quick introduction to the registry.

Deploying the registry

Deploy the registry using helm:

helm repo add linka-cloud https://helm.linka.cloud

REGISTRY=registry.example.org

helm upgrade \
    --install \
    --create-namespace \
    --namespace artifact-registry \
    --set config.backend.host=$REGISTRY \
    artifact-registry \
    linka-cloud/artifact-registry

See the Chart's README for the available configuration options.

Install lkar (the command line client)

Using the pre-built binaries

Download the pre-built binaries from the releases page and install it in your PATH.

VERSION=$(git ls-remote --tags https://github.com/linka-cloud/artifact-registry |cut -d'/' -f 3|grep -v helm|tail -n 1)
curl -sL "https://github.com/linka-cloud/artifact-registry/releases/download/${VERSION}/lkar_$(uname -s)_$(uname -m).tar.gz" | tar -xvz lkar
sudo mv lkar /usr/local/bin/

Using add-apt-repository

sudo apt install -y software-properties-common
wget -O - https://deb.linka.cloud/repository.key | sudo apt-key add -
sudo add-apt-repository -y https://deb.linka.cloud
sudo apt update
sudo apt install -y lkar

Using brew

brew install linka-cloud/tap/lkar

Using the registry

See the documentation for more information about the registry usage.

Acknowledgements

This package formats implementations are based on the amazing work done of the Gitea team.

Many thanks to them for their work, especially to @KN4CK3R.